<?php
session_start();
/*
 * Session variables:
 * $_SESSION['type'] [string] = user type of the logged in user
 * $_SESSION['authorised'] [boolean] = whether or not the current user is logged in
 * $_SESSION['student_pass'] [string]= password of student who arrived
 */
if(isset($_SESSION['authorised']) && $_SESSION['authorised'] == true)
{   
    if(isset($_SESSION['type']))
    {
        if($_SESSION['type'] == 'administrator')
        {
			include ('connection.inc');
			$student_id = $_POST['student'];
			$password1 = $_POST['pass1'];
			$password2 = $_POST['pass2'];
			if($student_id=='' ||  $password1=='' || $password2=='')
			{
				$_SESSION['student_pass']='Invalid Input';
				header('Location: admin_studentarrived.php');
				exit();
			}
			elseif($password1==$password2)
			{
				$sql = "SELECT users.username, users.password, students.student_id FROM students inner join users on students.username=users.username where students.student_id=$student_id";
				$result = pg_query($sql);
				if(pg_fetch_result($result, 0, 'password')==$password1)
				{
					$sql="Update students set is_in=true where student_id=$student_id";
					$result=pg_query($sql);
		
					header('Location: admin_studentslist.php');
					exit();
				}
				else
				{
					$_SESSION['student_pass']='Incorrect Password';
					header('Location: admin_studentarrived.php');
					exit();
				}
			}
			else
			{
				$_SESSION['student_pass']='Passwords did not match';
				header('Location: admin_studentarrived.php');
				exit();
			}
        	
        }
        elseif($_SESSION['type'] == 'student')
        {
            header('Location: student_index.php');
            exit();
        }
        elseif($_SESSION['type'] == 'tutor')
        {
            header('Location: tutor_index.php');
            exit();
        }
        elseif($_SESSION['type'] == 'parent')
        {
            header('Location: parent_index.php');
            exit();
        }
    }
}
else
{
    header('Location: index.php');
}
?>
